SIM Cards attacks using Over-the-Air Updates

July 22, 2013 | Posted in News | By

The attack is a combination of both insecure communication method of SIM cards update with OTA STK procedure; and vulnerability in Java version running on the SIM card.

Industry reality is:

  • Number of affected card is not very high, limited to old cards. Often it’s 3DES being used.
  • The Binary SMS required to deliver the attack are often filtered at operator’s boundary, thus stopping the attack.

Hijacking SIM Cards through Over-the-Air Updates | Symantec Connect Community.

Rooting SIM cards.

DES encryption leaves SIM cards vulnerable to exploitation | ZDNet.

News and Threat Research Millions of SIM cards vulnerable to remote compromise | Fortinet Blog.


Read More →

NSA eavesdropping of undersea telecom cables

July 10, 2013 | Posted in News | By

As many Snowden-revealed NSA document show, NSA is actively involved with breaking in and tapping undersea cables including high-speed telecom and internet optical fibers. These surveillance, tapping and sniffing may have been enabled both by hacking and by physical submarine operation with secret cover stories even within US DoD.

NSA slide shows surveillance of undersea cables – The Washington Post.

A connected world – The Washington Post.

Undersea Optical Cable Cuts – Cypherpunks.

The Creepy, Long-Standing Practice of Undersea Cable Tapping – Olga Khazan – The Atlantic.

Inside TAO: The NSA’s Shadow Network (scroll down for : Tapping Undersea Cables, SEA-Me-We Undersea Cable Systems (SMW-4) compromise) – SPIEGEL ONLINE.

NSA Spying on Europe/Asia SEA-ME-WE-4 Undersea Telecom Cables | LeakSource.

French telecom operator Orange threatens to sue NSA over cable tapping — RT News.



Read More →